Sec: Sanitize all params page, sortfield and sortorder

htdocs/admin/tools/export.php

@@ -35,7 +35,7 @@ $file=GETPOST('filename_template','alpha');
 
 $sortfield = GETPOST('sortfield','alpha');
 $sortorder = GETPOST('sortorder','alpha');
-$page = GETPOST("page");
+$page = GETPOST("page",'int');
 if (! $sortorder) $sortorder="DESC";
 if (! $sortfield) $sortfield="date";
 if ($page < 0) { $page = 0; }

htdocs/comm/action/index.php

@@ -42,8 +42,8 @@ $filterd = GETPOST("userdone","int",3)?GETPOST("userdone","int",3):GETPOST("filt
 $showbirthday = empty($conf->use_javascript_ajax)?GETPOST("showbirthday","int"):1;
 
 
-$sortfield = GETPOST("sortfield");
-$sortorder = GETPOST("sortorder");
+$sortfield = GETPOST("sortfield",'alpha');
+$sortorder = GETPOST("sortorder",'alpha');
 $page = GETPOST("page","int");
 if ($page == -1) { $page = 0; }
 $limit = $conf->liste_limit;

htdocs/compta/paiement.php

@@ -42,9 +42,9 @@ $socname	= GETPOST('socname');
 $accountid	= GETPOST('accountid');
 $paymentnum	= GETPOST('num_paiement');
 
-$sortfield	= GETPOST('sortfield');
-$sortorder	= GETPOST('sortorder');
-$page		= GETPOST('page');
+$sortfield	= GETPOST('sortfield','alpha');
+$sortorder	= GETPOST('sortorder','alpha');
+$page		= GETPOST('page','int');
 
 $amounts=array();
 $amountsresttopay=array();

htdocs/contrat/services.php

@@ -35,7 +35,7 @@ $langs->load("companies");
 $mode = GETPOST("mode");
 $sortfield = GETPOST("sortfield",'alpha');
 $sortorder = GETPOST("sortorder",'alpha');
-$page = GETPOST("page");
+$page = GETPOST("page",'int');
 if ($page == -1) { $page = 0 ; }
 $limit = $conf->liste_limit;
 $offset = $limit * $page ;

htdocs/fourn/commande/liste.php

@@ -37,8 +37,8 @@ $sall=GETPOST('search_all');
 
 $page  = GETPOST('page','int');
 $socid = GETPOST('socid','int');
-$sortorder = GETPOST('sortorder');
-$sortfield = GETPOST('sortfield');
+$sortorder = GETPOST('sortorder','alpha');
+$sortfield = GETPOST('sortfield','alpha');
 
 // Security check
 $orderid = GETPOST('orderid');

htdocs/fourn/facture/index.php

@@ -47,9 +47,9 @@ if ($user->societe_id > 0)
 $mode=GETPOST("mode");
 $modesearch=GETPOST("mode_search");
 
-$page=GETPOST("page");
-$sortorder = GETPOST("sortorder");
-$sortfield = GETPOST("sortfield");
+$page=GETPOST("page",'int');
+$sortorder = GETPOST("sortorder",'alpha');
+$sortfield = GETPOST("sortfield",'alpha');
 
 if ($page == -1) { $page = 0 ; }
 $limit = $conf->liste_limit;

htdocs/fourn/liste.php

@@ -45,9 +45,9 @@ $socid = GETPOST('socid','int');
 if ($user->societe_id) $socid=$user->societe_id;
 $result = restrictedArea($user,'societe',$socid,'');
 
-$page = GETPOST('page');
-$sortorder = GETPOST('sortorder');
-$sortfield = GETPOST('sortfield');
+$page = GETPOST('page','int');
+$sortorder = GETPOST('sortorder','alpha');
+$sortfield = GETPOST('sortfield','alpha');
 if ($page == -1) { $page = 0 ; }
 $offset = $conf->liste_limit * $page ;
 $pageprev = $page - 1;

htdocs/holiday/index.php

@@ -33,9 +33,9 @@ require_once DOL_DOCUMENT_ROOT.'/holiday/common.inc.php';
 // Protection if external user
 if ($user->societe_id > 0) accessforbidden();
 
-$sortfield = GETPOST("sortfield");
-$sortorder = GETPOST("sortorder");
-$page = GETPOST("page");
+$sortfield = GETPOST("sortfield",'alpha');
+$sortorder = GETPOST("sortorder",'alpha');
+$page = GETPOST("page",'int');
 $page = is_numeric($page) ? $page : 0;
 $page = $page == -1 ? 0 : $page;
 

htdocs/product/stock/fiche.php

@@ -37,8 +37,8 @@ $langs->load("companies");
 
 $action=GETPOST('action');
 
-$sortfield = GETPOST("sortfield");
-$sortorder = GETPOST("sortorder");
+$sortfield = GETPOST("sortfield",'alpha');
+$sortorder = GETPOST("sortorder",'alpha');
 if (! $sortfield) $sortfield="p.ref";
 if (! $sortorder) $sortorder="DESC";
 
@@ -536,7 +536,7 @@ else
 
 			print '<center><br><input type="submit" class="button" value="'.$langs->trans("Save").'">&nbsp;';
 			print '<input type="submit" class="button" name="cancel" value="'.$langs->trans("Cancel").'"></center>';
-			
+
 			print '</form>';
 
 		}

htdocs/product/stock/mouvement.php

@@ -48,9 +48,9 @@ $search_movement = isset($_REQUEST["search_movement"])?$_REQUEST["search_movemen
 $search_product = isset($_REQUEST["search_product"])?$_REQUEST["search_product"]:'';
 $search_warehouse = isset($_REQUEST["search_warehouse"])?$_REQUEST["search_warehouse"]:'';
 $search_user = isset($_REQUEST["search_user"])?$_REQUEST["search_user"]:'';
-$page = GETPOST("page");
-$sortfield = GETPOST("sortfield");
-$sortorder = GETPOST("sortorder");
+$page = GETPOST("page",'int');
+$sortfield = GETPOST("sortfield",'alpha');
+$sortorder = GETPOST("sortorder",'alpha');
 if ($page < 0) $page = 0;
 $offset = $conf->liste_limit * $page;
 

htdocs/societe/societe.php

@@ -51,9 +51,9 @@ $search_categ=trim(GETPOST("search_categ"));
 $mode=GETPOST("mode");
 $modesearch=GETPOST("mode_search");
 
-$sortfield=GETPOST("sortfield");
-$sortorder=GETPOST("sortorder");
-$page=GETPOST("page");
+$sortfield=GETPOST("sortfield",'alpha');
+$sortorder=GETPOST("sortorder",'alpha');
+$page=GETPOST("page",'int');
 if (! $sortorder) $sortorder="ASC";
 if (! $sortfield) $sortfield="s.nom";
 if ($page == -1) { $page = 0 ; }